The British Army relies on IT to support its personnel deployed around the world. Its Information Application Services (IAS) Branch delivers software applications, hosting, and web services to the British Army. To overcome issues with unplanned downtime and support, IAS migrated its private cloud environment from Oracle to Red Hat Enterprise Linux. With simplified, automated management through Red Hat Ansible, IAS can deploy changes faster and more efficiently. In addition, the new environment has reduced manual and other errors and eliminated unplanned downtime, helping improve the end user experience.
 

Benefits

• Simplified and automated management to improve consistency and reduce manual errors
• Accelerated deployment of critical patches from three days to three hours and cut changed delivery time by 75%
• Improved agility by enhancing DevOps approach used to deliver services to users
• Gained access to expert support for troubleshooting any issues with new environment

I.T. PLATFORM DELAYS UPDATES AND DISRUPTS USERS

With more than 100,000 regular and reserve personnel — including 19,000 personnel deployed across 27 countries in 2017 — the British Army depends on its IT to run smoothly. A seamless IT experience is particularly important for its Information Application Services (IAS) Branch. Based in the UK, this team delivers software applications, hosting, and web services to the British Army.

“We predominantly host large corporate applications and services that provide support to families, veterans, and anyone we work with,” said Lt. Col. Dorian Seabrook, head of operations at the British Army’s IAS Branch. “These applications are similar to those in a commercial environment, such as our enterprise resource platform and our Oracle-based human resources software.”

IAS uses two main hosting environments: a public cloud server farm and the Army Hosting Environment, consisting of two private clouds. These environments are predominately Linux and Windows instances, as well as several virtual appliances. The IAS Linux platform runs a large instance of Oracle technology that hosts more than 30 applications developed in-house using Oracle Application Express (Oracle APEX). However, IAS began experiencing support, performance, and availability problems with its Oracle technology.

“While running an Oracle stack on Oracle Linux, we were finding that the Oracle Linux support was not up to the standard we expected,” said Aidan Beeson, Linux technical architect at the British Army’s IAS Branch. “We were also having compatibility issues with some software when using Oracle’s Unbreakable Enterprise Kernel [UEK].”

These problems caused unplanned downtime during upgrades, disrupted users, and slowed update deployment. “There’s always pressure to deliver quickly. We have to be more efficient in how we deliver software, as well as underlying infrastructure, upgrades, maintenance, and support,” said Seabrook.

ENTERPRISE OPEN SOURCE SOLUTION STREAMLINES MANAGEMENT

Because of these issues, IAS decided to migrate from Oracle Linux to Red Hat Enterprise Linux, supported by Red Hat Enterprise Linux Resilient Storage Add-On.

“We were redefining our operating model and wanted to deliver software faster and more efficiently to meet end users’ requirements,” said Seabrook. “As part of that we started to look at DevOps and what tools were available to support us in this venture.”

For its main Oracle solution — including five database servers and two applications servers with a central clustered file system — IAS deployed Red Hat Enterprise Linux Resilient Storage Add-On. This add-on offers file system capabilities for resiliency across system failures. IAS also hardened Red Hat Enterprise Linux in house to meet security requirements using a combination of military and other security benchmarks.

To streamline management of its new environment after migrating from physical infrastructure to a software-defined datacenter, IAS deployed Ansible Tower by Red Hat. This automation and orchestration tool was initially deployed to perform fully automated routine patches and configuration updates to the operating system. IAS then expanded its use to provide rapid patching and system reconfiguration for urgent requirements, with a streamlined development, test, and deployment pipeline.

In addition, Ansible Tower now supports DevOps and continuous integration (CI) approaches to routine system administration within the Army Hosting Environment.

“We looked at Chef, Puppet, and SaltStack, but we didn’t want to deploy more management agents into our environment,” said Beeson. “As Ansible uses standard Secure Shell [SSH] for connecting to hosts, we don’t have to deploy and manage agents. When there is an SSH security issue, we can simply fix it as part of routine server patching.”

ANSIBLE AND LINUX SPEEDS AND AUTOMATES SERVICE DELIVERY APPROACH

EASIER, MORE ACCURATE MANAGEMENT

Ansible ensures all of the IAS IT environments — including development, test, preproduction, and production — remain consistent. Standardized code built into the Ansible Inventory provides logic on how each platform should be controlled and patched. When changes are necessary, Ansible releases all related resources — including documentation — to centralized repositories, then delivers the software and updates to the correct locations.

“We have to be very careful, especially with the Oracle stack, that services and nodes are turned on and off in the correct order,” said Beeson. “Ansible gives us the power to control the state of services on target hosts, as well as control the powering on and off of virtual machines, for more granular platform control.”

IAS IT administrators can access Ansible’s user-friendly interface to deliver software and updates across environments with minimal manual effort. Specialized instructions — and physical CDs or paper documentation — for each platform are no longer required, and minimal operator experience is required to run and monitor jobs.

As a result, IAS has cut patching time and significantly reduced launch errors and configura- tion issues.

“The graphical overlay within Ansible Tower simplifies the management and execution of Ansible playbooks. The layout is intuitive and provides users with a straightforward interface for executing jobs,” said Beeson. “Ansible Tower lets us apply fine-grained access controls to jobs and inventories that ensure only authorized users can access platforms and functionality.”

FASTER, MORE AGILE SERVICE DELIVERY

With its new Red Hat system, upgrades that previously took a day — and caused system downtime of several hours each month — can now be performed in less than two hours with high availability, scheduled to minimize user disruption. Emergency patches that previously took around three days can now be implemented in three or four hours. Overall, change delivery is now typically 75% faster.

“Rather than bulk delivery, we’re able to deliver incrementally, and we no longer frustrate users with significant downtime during working hours,” said Seabrook.

By achieving more agile service delivery, IAS can reassign staff resources to support other needs. “As productivity has improved, we’ve been able to move people into our security operating center and other parts of the organization that were previously lacking,” said Seabrook.

DEVOPS ENHANCEMENTS

By migrating to Red Hat Enterprise Linux and Ansible Tower, IAS has enhanced its DevOps approach to better keep up with user requests — without increasing operational costs.

“A big issue we had with the previous environment was people logging onto systems and making changes that weren’t unified and consistent,” said Beeson. “One of the main sources of support for DevOps is automating tasks to avoid that fragmentation. Ansible Tower provides a platform for automation to ensure consistency across our environments.”

Now, IAS can use its DevOps approach to ensure services and changes are delivered to users faster. “The change is immense,” said Seabrook. “Previously, for large projects, conversations with our users about delivery times could be quite stressful. Now, in most cases, we’re delivering quicker than users can actually absorb the changes. They’re just staggered by our agility and the turnaround time that we can now offer.”

ACCESS TO EXPERT SUPPORT

By migrating to Red Hat, IAS has access to professional guidance and support through its Red Hat Enterprise Linux and Ansible Tower product subscriptions.

“For example, the Resilient Storage Add-On is very robust and provides numerous file system capabilities for improving system failure resiliency,” said Seabrook. “But when we did have issues, the support we’ve had from Red Hat is timely and accurate.”

SUCCESS CREATES OPPORTUNITIES FOR ONGOING IMPROVEMENT

After its initial success using Red Hat Enterprise Linux and Ansible Tower in its private cloud, IAS aims to deploy Ansible into its public cloud environment. IAS also plans to use Ansible to provide critical patch updates to its remaining Oracle infrastructure, extend its DevOps capabilities to its Windows platforms, and manage its network switches and servers. In addition, IAS is researching the possibility of using Ansible to define standardized catalog items for provisioning new services and virtual machines (VMs).

“Red Hat and Ansible have met or exceeded all of the measurable outcomes we set for this project,” said Seabrook. “Our adoption of these solutions is increasing throughout our organization.”

ABOUT THE BRITISH ARMY IAS

Information Application Services (IAS) is a branch of the Army Headquarters based in Andover. IAS is an internal software house and hosting organization comprising a mixed team of 120 military, civil servants, and contractor staff to manage development, integration, and hosting of 200 services in both private and public cloud environments across three security domains. IAS uses two main technologies of Microsoft .NET and Oracle APEX technologies to deliver bespoke applications for specific Army and Defence requirements using agile and DevOps methodologies.